(Ping! Zine Web Hosting Magazine) – Bromium®, Inc., the pioneer of threat isolation to prevent data breaches, today announced the general availability of Bromium Enterprise Controller ™ (BEC), a scalable security management platform that delivers one-click deployment, policy orchestration, monitoring and threat management for enterprise endpoint infrastructure. BEC complements Bromium vSentry and LAVA ™ to enable the largest organisations in the world to efficiently transform their enterprise security infrastructure to defeat advanced cyber attacks and prevent data breaches – faster than ever.
“Endpoint threat isolation should be a core component of security prevention programs because of the challenge companies face due to increased threat volume,” said Roland Cloutier, Chief Security Officer, ADP. “With hardware-enforced isolation and micro-virtualization technology in Bromium’s solution, we have an ability to gain increased visibility into threats and act on those attempts in real-time to mitigate their disruption to our business and clients.”
BEC enables security teams to efficiently deploy and effectively manage the entire Bromium configuration process, quickly responding to threats while reducing or eliminating helpdesk calls. Recently, a Fortune 50 corporation deployed Bromium across tens of thousands of endpoints in less than 90 days.
Key features and benefits of BEC include:
- Streamlined and Scalable Global Deployment—Accelerate deployments at scale with a fully autonomous installation and update engine that does not impinge on existing desktop management systems or personnel.
- Simplified and Granular Policy Management—Configure dynamic policy requirements with an advanced engine and granular controls. Fully integrated directory services can assign, deliver and update security policies relevant to individual or group roles.
- Centralized Visibility and Actionable Security Intelligence—Monitor, analyze and report on dangerous security events, attack kill chains and risk profiles in real time from a centralized dashboard.
- Integration with Threat Intelligence Systems – Publish threat intelligence in real time to SIEM systems and network security tools to provide defence-in-depth. Share threat data in a structured format, such as STIX, with other agencies and organisations to enable cooperation in the fight against cyber crime.
BEC automates deployment and configuration of Bromium vSentry and LAVA, enabling the largest enterprises in the world to immediately realise the benefits of proactive protection from advanced threats and unparalleled visibility into security events. Bromium’s patented micro-virtualization technology enables the CPU-based isolation and real-time introspection of unknown Internet tasks as they run on the enterprise’s endpoints.
- Automatically Defeat Advanced Attacks – Bromium vSentry leverages micro-virtualization to automatically isolate and defeat attacks – without the need for signatures or whitelists.
- Identify and Analyse Malware Execution – Bromium LAVA leverages micro-virtualization to identify and analyse malware execution in each isolated task, including memory changes, files, registry and full packet capture. LAVA analysis is streamed to the Security Operations Center in real time, before automatically remediating the endpoint.
Isolating unknown tasks (and malware) into hardware-isolated micro-virtual machines greatly reduces the attack surface of the endpoint. This technique is now considered an industry best practice.
In Best Practices for Detecting and Mitigating Advanced Persistent Threats, published May 4, 2015, Gartner analysts Lawrence Pingree, Neil MacDonald and Peter Firstbrook wrote “For “lean-forward” organisations, consider deploying application containment to isolate risky applications, such as browsers and PDF viewers, from the core endpoint system resources where these applications are the primary avenue of attack.”
About Bromium, Inc.
Bromium is re-inventing enterprise security with its powerful new technology, micro-virtualization, which was designed to protect businesses from advanced malware by design, while simultaneously empowering users and delivering real-time threat intelligence to IT. Unlike traditional security methods, which rely on complex and ineffective detection techniques, Bromium protects against malware from the Web, email or USB devices, by automatically isolating each user task at the endpoint in a hardware-isolated micro-VM, preventing theft or damage to any enterprise resource. Bromium’s technological innovations have earned the company numerous industry awards. Bromium counts a rapidly growing set of Fortune 500 companies and government agencies as customers.